const express = require('express');
const authController = require('../controllers/authController');
const { authenticateToken, optionalAuth } = require('../middleware/auth');
const {
  validateUserRegistration,
  validateUserLogin,
  validatePasswordResetRequest,
  validatePasswordReset,
  validatePasswordChange,
  validateEmailVerification,
  validatePhoneVerification,
  handleValidationErrors
} = require('../middleware/validation');

const router = express.Router();

/**
 * 用户认证相关路由
 * 基础路径: /api/auth
 */

/**
 * @route   POST /api/auth/register
 * @desc    用户注册
 * @access  Public
 * @body    { username, email, password, first_name, last_name, phone, date_of_birth }
 */
router.post('/register', 
  validateUserRegistration,
  authController.register
);

/**
 * @route   POST /api/auth/login
 * @desc    用户登录
 * @access  Public
 * @body    { email, password }
 */
router.post('/login',
  validateUserLogin,
  authController.login
);

/**
 * @route   GET /api/auth/me
 * @desc    获取当前用户信息
 * @access  Private
 * @headers Authorization: Bearer <token>
 */
router.get('/me',
  authenticateToken,
  authController.getCurrentUser
);

/**
 * @route   POST /api/auth/refresh
 * @desc    刷新访问令牌
 * @access  Private
 * @headers Authorization: Bearer <token>
 */
router.post('/refresh',
  authenticateToken,
  authController.refreshToken
);

/**
 * @route   POST /api/auth/logout
 * @desc    用户登出
 * @access  Private
 * @headers Authorization: Bearer <token>
 */
router.post('/logout',
  authenticateToken,
  authController.logout
);

/**
 * @route   POST /api/auth/forgot-password
 * @desc    请求密码重置
 * @access  Public
 * @body    { email }
 */
router.post('/forgot-password',
  validatePasswordResetRequest,
  authController.forgotPassword
);

/**
 * @route   POST /api/auth/reset-password
 * @desc    重置密码
 * @access  Public
 * @body    { token, new_password }
 */
router.post('/reset-password',
  validatePasswordReset,
  authController.resetPassword
);

/**
 * @route   POST /api/auth/change-password
 * @desc    修改密码
 * @access  Private
 * @headers Authorization: Bearer <token>
 * @body    { current_password, new_password }
 */
router.post('/change-password',
  authenticateToken,
  validatePasswordChange,
  authController.changePassword
);

/**
 * @route   POST /api/auth/send-verification-email
 * @desc    发送邮箱验证码
 * @access  Private
 * @headers Authorization: Bearer <token>
 */
router.post('/send-verification-email',
  authenticateToken,
  authController.sendEmailVerification
);

/**
 * @route   POST /api/auth/verify-email
 * @desc    验证邮箱
 * @access  Private
 * @headers Authorization: Bearer <token>
 * @body    { verification_code }
 */
router.post('/verify-email',
  authenticateToken,
  validateEmailVerification,
  authController.verifyEmail
);

/**
 * @route   POST /api/auth/send-verification-sms
 * @desc    发送手机验证码
 * @access  Private
 * @headers Authorization: Bearer <token>
 */
router.post('/send-verification-sms',
  authenticateToken,
  authController.sendPhoneVerification
);

/**
 * @route   POST /api/auth/verify-phone
 * @desc    验证手机号
 * @access  Private
 * @headers Authorization: Bearer <token>
 * @body    { verification_code }
 */
router.post('/verify-phone',
  authenticateToken,
  validatePhoneVerification,
  authController.verifyPhone
);

/**
 * @route   GET /api/auth/check-token
 * @desc    检查令牌有效性
 * @access  Private (Optional)
 * @headers Authorization: Bearer <token>
 */
router.get('/check-token',
  optionalAuth,
  (req, res) => {
    if (req.user) {
      res.json({
        success: true,
        message: '令牌有效',
        data: {
          valid: true,
          user: req.user,
          expires_at: req.tokenExpiry
        }
      });
    } else {
      res.json({
        success: true,
        message: '令牌无效或已过期',
        data: {
          valid: false
        }
      });
    }
  }
);

/**
 * @route   POST /api/auth/social/google
 * @desc    Google社交登录（预留接口）
 * @access  Public
 * @body    { google_token }
 */
router.post('/social/google',
  (req, res) => {
    res.status(501).json({
      success: false,
      message: 'Google社交登录功能暂未实现',
      error_code: 'NOT_IMPLEMENTED'
    });
  }
);

/**
 * @route   POST /api/auth/social/wechat
 * @desc    微信社交登录（预留接口）
 * @access  Public
 * @body    { wechat_code }
 */
router.post('/social/wechat',
  (req, res) => {
    res.status(501).json({
      success: false,
      message: '微信社交登录功能暂未实现',
      error_code: 'NOT_IMPLEMENTED'
    });
  }
);

/**
 * @route   POST /api/auth/biometric/register
 * @desc    注册生物识别信息（预留接口）
 * @access  Private
 * @headers Authorization: Bearer <token>
 * @body    { biometric_data, biometric_type }
 */
router.post('/biometric/register',
  authenticateToken,
  (req, res) => {
    res.status(501).json({
      success: false,
      message: '生物识别注册功能暂未实现',
      error_code: 'NOT_IMPLEMENTED'
    });
  }
);

/**
 * @route   POST /api/auth/biometric/login
 * @desc    生物识别登录（预留接口）
 * @access  Public
 * @body    { biometric_data, biometric_type, user_identifier }
 */
router.post('/biometric/login',
  (req, res) => {
    res.status(501).json({
      success: false,
      message: '生物识别登录功能暂未实现',
      error_code: 'NOT_IMPLEMENTED'
    });
  }
);

module.exports = router;